hack whmcs v7

saadatidust

saadatidust

New member
Apr 25, 2021
24
0
1
Is it possible that there is another malicious script on the host? Or are the same files that Antivarvel found on my host only active scripts?
 
saadatidust

saadatidust

New member
Apr 25, 2021
24
0
1
I see this code in the .htaccess file. Is this code public code or malicious code?
Code: 
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
 
saadatidust

saadatidust

New member
Apr 25, 2021
24
0
1
Is it normal or unusual for these files to start with a dot?
How to search and delete all these types of files that start with a dot? file.jpg
 
saadatidust

saadatidust

New member
Apr 25, 2021
24
0
1
I found a file in the host called adminer.php, the execution of which gives us the username and password information to visit, and he can easily change it.
The question is, how did he manage to upload this file to our hosts?
The desired file is found in the directory of one of the WordPress plugins. But can we upload the effects of that file to everyone on the host? See the directories?
How could he
 
  • Sad
Reactions: d3v1l
d3v1l

d3v1l

Well-known member
Banned User
Dec 24, 2020
362
697
93
22
India
d3v1l.co
saadatidust said:
I found a file in the host called adminer.php, the execution of which gives us the username and password information to visit, and he can easily change it.
The question is, how did he manage to upload this file to our hosts?
The desired file is found in the directory of one of the WordPress plugins. But can we upload the effects of that file to everyone on the host? See the directories?
How could he
Click to expand...
Just do one thing update whmcs to latest version.
 
I

iegyi

New member
Nov 22, 2019
4
0
1
We have a large web hosting company, We can migrate all of your websites for free also we will secure your whmcs installation 100% , We are in this industry since 2004
 
T

thambyz

Active member
Mar 18, 2021
103
41
28
If you are using WordPress in same account, might be first WordPress got compromised and then from that they got into WHMCS. If you are using both WordPress and WHMCS in same account, you need to check both for any malicious files. I suggest using WHMCS in a subdomain with separate account.

WordPress is easy to get compromised (compared to WHMCS). When hacker got into your account from WordPress, they can see all files including WHMCS, they can access to WHMCS DB using details from configuration file and do whatever they want.
 
You must log in or register to reply here.

Similar threads

MrSam_1
Zhost v3 WHMCS Theme
Replies
6
Views
253
WHMCS Modules
comcpa2022
comcpa2022
MrSam_1
WordPress Manager for WHMCS
Replies
0
Views
74
WHMCS Modules
MrSam_1
MrSam_1
MrSam_1
cPanel Extended for WHMCS
Replies
1
Views
90
WHMCS Modules
djembe
djembe
MrSam_1
Hexa - Responsive Dashboard WHMCS Template
Replies
0
Views
113
WHMCS Modules
MrSam_1
MrSam_1
MrSam_1
Email Verifier for WHMCS
Replies
0
Views
112
WHMCS Modules
MrSam_1
MrSam_1

Latest posts

Forum statistics

Threads
69,206
Messages
908,349
Members
236,884
Latest member
Binotrada

Share this page

Share this page

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

Forums Contact us

User Menu

Login
Community platform by XenForo © 2010-2022 XenForo Ltd.
Top Bottom